Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/7W4T-yemRbLIL5WAqlHZozqkMWA.roa
File: 7W4T-yemRbLIL5WAqlHZozqkMWA.roa (raw, json)
Hash identifier: TE9PW7yKr77Sb3N3tAJSaOY2eY1u+CT1Z6Ek7oXH8+k=
Subject key identifier: ED:6E:13:FB:27:A6:45:B2:C8:2F:95:80:AA:51:D9:A3:3A:A4:31:60
Certificate issuer: /CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Certificate serial: 018573E86365EF6506C5371A5F938B250CD4
Authority key identifier: B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/7W4T-yemRbLIL5WAqlHZozqkMWA.roa
Signing time: Mon 02 Jan 2023 19:14:47 +0000
ROA not before: Mon 02 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212776
IP address blocks: 185.161.67.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:e8:63:65:ef:65:06:c5:37:1a:5f:93:8b:25:0c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b10c3cf3dc53ca549c03e4f5f46d91ce90b8e070
Validity
Not Before: Jan 2 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed6e13fb27a645b2c82f9580aa51d9a33aa43160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c5:14:30:3c:f5:80:bc:05:48:14:58:9d:21:
d0:76:34:20:f3:33:bc:06:e0:36:3f:d1:4b:17:58:
55:89:de:a1:08:d7:b0:3b:6a:73:25:39:7a:0c:6e:
3d:19:57:9d:42:69:b1:84:dc:54:60:9b:58:2c:11:
7a:ea:fa:11:bb:e6:87:ea:d0:6d:0d:22:4b:a6:44:
79:ca:87:04:ef:21:29:24:7e:84:ba:67:ee:f6:98:
d6:66:96:54:e5:00:b7:07:0e:7b:5b:7a:1a:cc:e0:
22:e5:9e:4c:aa:d4:54:4f:9b:c5:84:00:27:09:89:
6d:02:25:b5:1a:ce:39:12:db:c2:bd:36:38:92:4f:
36:08:25:ad:59:da:4d:36:83:fb:c0:11:f4:24:56:
16:b1:66:99:5b:a2:df:bc:86:77:7a:d5:ad:7d:17:
2d:8e:bb:64:c6:80:bf:27:02:b0:79:af:70:3c:fd:
8d:5d:48:53:38:a5:15:b7:5c:8f:96:20:e0:30:4f:
0b:78:98:c7:b8:6e:fc:c0:56:3e:26:e6:19:9f:c9:
db:21:ea:58:95:ac:a7:e6:23:90:0e:dd:18:86:bc:
56:2b:a4:29:98:33:51:4c:49:0b:bb:76:5c:8c:60:
6f:0e:03:bb:3b:3c:54:20:52:8b:1e:74:7a:08:fa:
f5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6E:13:FB:27:A6:45:B2:C8:2F:95:80:AA:51:D9:A3:3A:A4:31:60
X509v3 Authority Key Identifier:
keyid:B1:0C:3C:F3:DC:53:CA:54:9C:03:E4:F5:F4:6D:91:CE:90:B8:E0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQw889xTylScA-T19G2RzpC44HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/7W4T-yemRbLIL5WAqlHZozqkMWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/25cdb4-e508-4b37-81bc-36f82bd379bd/1/sQw889xTylScA-T19G2RzpC44HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.67.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:7a:e2:68:a7:64:1c:3c:87:a0:57:86:a2:65:a5:68:b7:ab:
2b:61:a0:fc:97:1f:b5:89:0b:fb:a3:93:1d:bd:07:72:26:4b:
d1:f5:e5:9d:47:e4:15:a0:84:fc:0f:9a:f3:32:cc:62:27:4f:
dd:5a:57:f6:54:eb:fa:9c:f1:1e:2d:38:17:85:b2:1f:26:ad:
4f:5f:1c:48:c0:39:d9:4b:03:43:fa:85:3d:22:dd:a9:e4:06:
d3:a3:7a:12:9c:b0:d4:92:66:a1:a0:52:31:c8:af:31:5b:60:
c4:72:10:89:8d:df:fa:e3:fc:21:e2:8a:0a:cf:fd:db:58:f3:
44:58:40:9e:11:1d:02:98:84:c8:1c:c3:01:f4:cb:a2:4e:bd:
f0:7c:bc:e7:5b:cb:7d:84:54:26:66:2a:3f:2e:a6:29:13:3c:
25:3e:aa:77:9c:6f:19:af:a4:ce:9f:5e:02:fb:67:ce:48:80:
4a:ef:4f:27:62:60:c4:75:49:c8:72:97:d7:27:c8:01:32:7a:
10:c8:0d:67:b9:a5:ec:c3:94:b1:0f:ea:52:cb:21:b2:3f:21:
86:61:5c:68:d8:7e:d0:89:83:72:ea:61:ee:95:df:e4:50:55:
6f:d1:ff:c4:46:11:71:1b:14:88:c3:0f:f5:f8:b0:3f:a1:30:
23:85:22:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVz6GNl72UGxTcaX5OLJQzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMGMzY2YzZGM1M2NhNTQ5YzAzZTRmNWY0NmQ5MWNlOTBi
OGUwNzAwHhcNMjMwMTAyMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDZlMTNmYjI3YTY0NWIyYzgyZjk1ODBhYTUxZDlhMzNhYTQzMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMUUMDz1gLwFSBRYnSHQdjQg8zO8
BuA2P9FLF1hVid6hCNewO2pzJTl6DG49GVedQmmxhNxUYJtYLBF66voRu+aH6tBt
DSJLpkR5yocE7yEpJH6Eumfu9pjWZpZU5QC3Bw57W3oazOAi5Z5MqtRUT5vFhAAn
CYltAiW1Gs45EtvCvTY4kk82CCWtWdpNNoP7wBH0JFYWsWaZW6LfvIZ3etWtfRct
jrtkxoC/JwKwea9wPP2NXUhTOKUVt1yPliDgME8LeJjHuG78wFY+JuYZn8nbIepY
layn5iOQDt0YhrxWK6QpmDNRTEkLu3ZcjGBvDgO7OzxUIFKLHnR6CPr1gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1uE/snpkWyyC+VgKpR2aM6pDFgMB8GA1UdIwQY
MBaAFLEMPPPcU8pUnAPk9fRtkc6QuOBwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMt
MzZmODJiZDM3OWJkLzEvN1c0VC15ZW1SYkxJTDVXQXFsSFpvenFrTVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yNWNkYjQtZTUwOC00YjM3LTgxYmMtMzZmODJiZDM3OWJk
LzEvc1F3ODg5eFR5bFNjQS1UMTlHMlJ6cEM0NEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaFDMA0G
CSqGSIb3DQEBCwUAA4IBAQAPeuJop2QcPIegV4aiZaVot6srYaD8lx+1iQv7o5Md
vQdyJkvR9eWdR+QVoIT8D5rzMsxiJ0/dWlf2VOv6nPEeLTgXhbIfJq1PXxxIwDnZ
SwND+oU9It2p5AbTo3oSnLDUkmahoFIxyK8xW2DEchCJjd/64/wh4ooKz/3bWPNE
WECeER0CmITIHMMB9MuiTr3wfLznW8t9hFQmZio/LqYpEzwlPqp3nG8Zr6TOn14C
+2fOSIBK708nYmDEdUnIcpfXJ8gBMnoQyA1nuaXsw5SxD+pSyyGyPyGGYVxo2H7Q
iYNy6mHuld/kUFVv0f/ERhFxGxSIww/1+LA/oTAjhSKJ
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:40:36 2025 by rpki-client